@sentropic/h2a-cli 0.23.0 → 0.25.1

package/dist/runtime/mcp-http/hosted-mcp-server.js

@@ -0,0 +1,38 @@
+/**
+ * EVO-12 hosted MCP server — wraps the EXISTING in-process h2a tool dispatch
+ * (`McpServer.callTool`) behind an SDK `Server`, exposing ONLY the read-only
+ * allowlist. `dispatchHostedTool` refuses any non-allowlisted tool name
+ * (defense-in-depth: a signing/private-key tool is never reachable here, even
+ * if the wire asked for it).
+ */
+import { Server } from "@modelcontextprotocol/sdk/server/index.js";
+import { CallToolRequestSchema, ListToolsRequestSchema } from "@modelcontextprotocol/sdk/types.js";
+import { currentCliVersion } from "../upgrade/index.js";
+import { H2A_CLI_MCP_TOOL_DESCRIPTORS } from "../mcp/tools.js";
+import { hostedReadOnlyDescriptors, isHostedReadOnlyTool } from "./readonly-allowlist.js";
+export function dispatchHostedTool(h2a, name, args) {
+    if (!isHostedReadOnlyTool(name)) {
+        return {
+            content: [{ type: "text", text: `tool '${name}' is not exposed on the hosted read-only surface` }],
+            isError: true
+        };
+    }
+    const result = h2a.callTool(name, args);
+    if (result && typeof result === "object" && "error" in result && typeof result.error === "string") {
+        return { content: [{ type: "text", text: result.error }], isError: true };
+    }
+    return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
+}
+/** SDK Server exposing only the read-only allowlist, dispatching to the h2a callTool. */
+export function buildHostedMcpServer(h2a) {
+    const server = new Server({ name: "h2a", version: currentCliVersion() }, { capabilities: { tools: { listChanged: true } } });
+    const announced = hostedReadOnlyDescriptors(H2A_CLI_MCP_TOOL_DESCRIPTORS).map((d) => ({
+        name: d.name,
+        description: d.description,
+        inputSchema: d.inputSchema
+    }));
+    server.setRequestHandler(ListToolsRequestSchema, async () => ({ tools: announced }));
+    server.setRequestHandler(CallToolRequestSchema, async (req) => dispatchHostedTool(h2a, req.params.name, req.params.arguments ?? {}));
+    return server;
+}
+//# sourceMappingURL=hosted-mcp-server.js.map

package/dist/runtime/mcp-http/hosted-mcp-server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hosted-mcp-server.js","sourceRoot":"","sources":["../../../src/runtime/mcp-http/hosted-mcp-server.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EACL,qBAAqB,EAErB,sBAAsB,EACvB,MAAM,oCAAoC,CAAC;AAE5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,4BAA4B,EAAE,MAAM,iBAAiB,CAAC;AAE/D,OAAO,EAAE,yBAAyB,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AAE1F,MAAM,UAAU,kBAAkB,CAChC,GAAc,EACd,IAAY,EACZ,IAAyC;IAEzC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,EAAE,CAAC;QAChC,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,IAAI,kDAAkD,EAAE,CAAC;YAClG,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACxC,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,OAAO,IAAI,MAAM,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QAClG,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC5E,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;AAChF,CAAC;AAED,yFAAyF;AACzF,MAAM,UAAU,oBAAoB,CAAC,GAAc;IACjD,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,iBAAiB,EAAE,EAAE,EAC7C,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE,CACnD,CAAC;IAEF,MAAM,SAAS,GAAG,yBAAyB,CAAC,4BAA4B,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACpF,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,WAAW,EAAE,CAAC,CAAC,WAAW;QAC1B,WAAW,EAAE,CAAC,CAAC,WAAsC;KACtD,CAAC,CAAC,CAAC;IAEJ,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;IACrF,MAAM,CAAC,iBAAiB,CACtB,qBAAqB,EACrB,KAAK,EAAE,GAAG,EAA2B,EAAE,CACrC,kBAAkB,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,IAAI,EAAE,CAAC,CACvE,CAAC;IAEF,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/runtime/mcp-http/index.d.ts

@@ -0,0 +1,14 @@
+/**
+ * EVO-12 hosted MCP over HTTP + self-AS OAuth (mcp-wave pattern), exposing the
+ * h2a read-only tool surface for claude.ai enrollment. Core is dep-free; this
+ * lives in @sentropic/h2a-cli.
+ */
+export { H2A_HOSTED_READONLY_TOOLS, hostedReadOnlyDescriptors, isHostedReadOnlyTool, toolTakesPrivateKey } from "./readonly-allowlist.js";
+export { buildHostedMcpServer, dispatchHostedTool } from "./hosted-mcp-server.js";
+export { createHostedApp, type HostedAppDeps } from "./app.js";
+export { startHostedServer, buildHostedConfigFromEnv, type HostedEnv, type HostedConfig, type StartedHostedServer } from "./serve.js";
+export { FileOAuthStore } from "./oauth/file-store.js";
+export { SingleTenantOAuthProvider } from "./oauth/single-tenant-provider.js";
+export { buildOAuthRoutes } from "./oauth/hono-oauth-router.js";
+export { oauthConfigFromEnv, H2A_HOSTED_OAUTH_SCOPE, type H2AHostedOAuthConfig, type H2AHostedOAuthEnv } from "./oauth/config.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/runtime/mcp-http/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/runtime/mcp-http/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EACL,yBAAyB,EACzB,yBAAyB,EACzB,oBAAoB,EACpB,mBAAmB,EACpB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAClF,OAAO,EAAE,eAAe,EAAE,KAAK,aAAa,EAAE,MAAM,UAAU,CAAC;AAC/D,OAAO,EACL,iBAAiB,EACjB,wBAAwB,EACxB,KAAK,SAAS,EACd,KAAK,YAAY,EACjB,KAAK,mBAAmB,EACzB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,yBAAyB,EAAE,MAAM,mCAAmC,CAAC;AAC9E,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EACL,kBAAkB,EAClB,sBAAsB,EACtB,KAAK,oBAAoB,EACzB,KAAK,iBAAiB,EACvB,MAAM,mBAAmB,CAAC"}

package/dist/runtime/mcp-http/index.js

@@ -0,0 +1,14 @@
+/**
+ * EVO-12 hosted MCP over HTTP + self-AS OAuth (mcp-wave pattern), exposing the
+ * h2a read-only tool surface for claude.ai enrollment. Core is dep-free; this
+ * lives in @sentropic/h2a-cli.
+ */
+export { H2A_HOSTED_READONLY_TOOLS, hostedReadOnlyDescriptors, isHostedReadOnlyTool, toolTakesPrivateKey } from "./readonly-allowlist.js";
+export { buildHostedMcpServer, dispatchHostedTool } from "./hosted-mcp-server.js";
+export { createHostedApp } from "./app.js";
+export { startHostedServer, buildHostedConfigFromEnv } from "./serve.js";
+export { FileOAuthStore } from "./oauth/file-store.js";
+export { SingleTenantOAuthProvider } from "./oauth/single-tenant-provider.js";
+export { buildOAuthRoutes } from "./oauth/hono-oauth-router.js";
+export { oauthConfigFromEnv, H2A_HOSTED_OAUTH_SCOPE } from "./oauth/config.js";
+//# sourceMappingURL=index.js.map

package/dist/runtime/mcp-http/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/runtime/mcp-http/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EACL,yBAAyB,EACzB,yBAAyB,EACzB,oBAAoB,EACpB,mBAAmB,EACpB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAClF,OAAO,EAAE,eAAe,EAAsB,MAAM,UAAU,CAAC;AAC/D,OAAO,EACL,iBAAiB,EACjB,wBAAwB,EAIzB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,yBAAyB,EAAE,MAAM,mCAAmC,CAAC;AAC9E,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EACL,kBAAkB,EAClB,sBAAsB,EAGvB,MAAM,mBAAmB,CAAC"}

package/dist/runtime/mcp-http/main.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=main.d.ts.map

package/dist/runtime/mcp-http/main.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"main.d.ts","sourceRoot":"","sources":["../../../src/runtime/mcp-http/main.ts"],"names":[],"mappings":""}

package/dist/runtime/mcp-http/main.js

@@ -0,0 +1,14 @@
+/**
+ * EVO-12 hosted MCP — runnable entrypoint (Docker CMD / `node dist/runtime/mcp-http/main.js`).
+ * Reads the deploy env and serves the OAuth-gated read-only MCP over HTTP.
+ */
+import { startHostedServer } from "./serve.js";
+startHostedServer()
+    .then((s) => {
+    process.stderr.write(`h2a hosted MCP (EVO-12) listening on :${s.port}\n`);
+})
+    .catch((e) => {
+    process.stderr.write(`h2a hosted MCP failed to start: ${e instanceof Error ? e.message : String(e)}\n`);
+    process.exit(1);
+});
+//# sourceMappingURL=main.js.map

package/dist/runtime/mcp-http/main.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"main.js","sourceRoot":"","sources":["../../../src/runtime/mcp-http/main.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAE/C,iBAAiB,EAAE;KAChB,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;IACV,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC;AAC5E,CAAC,CAAC;KACD,KAAK,CAAC,CAAC,CAAU,EAAE,EAAE;IACpB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mCAAmC,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACxG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/runtime/mcp-http/oauth/config.d.ts

@@ -0,0 +1,33 @@
+/**
+ * EVO-12 hosted OAuth — runtime config (ported from mcp-wave; decoupled from
+ * the Wave env type — takes a plain input object so it is unit-testable).
+ *
+ * Scope is read-only (`h2a:read`) — the hosted surface exposes only read tools
+ * (DEC-116 key custody; see ../readonly-allowlist).
+ */
+export declare const H2A_HOSTED_OAUTH_SCOPE = "h2a:read";
+export interface H2AHostedOAuthEnv {
+    PUBLIC_BASE_URL: string;
+    OAUTH_ISSUER_URL: string;
+    OAUTH_CONSENT_SECRET?: string;
+    OAUTH_ALLOWED_REDIRECT_URIS: string;
+    OAUTH_ACCESS_TOKEN_TTL_SECONDS: number;
+    OAUTH_REFRESH_TOKEN_TTL_SECONDS: number;
+    OAUTH_AUTH_CODE_TTL_SECONDS: number;
+    NODE_ENV?: string;
+}
+export interface H2AHostedOAuthConfig {
+    issuerUrl: URL;
+    publicBaseUrl: URL;
+    resourceServerUrl: URL;
+    resourceMetadataUrl: string;
+    consentSecret: string;
+    allowedRedirectUris: readonly string[];
+    accessTokenTtlSeconds: number;
+    refreshTokenTtlSeconds: number;
+    authCodeTtlSeconds: number;
+    nodeEnv: string;
+}
+export declare function parseOAuthCsv(value: string): string[];
+export declare function oauthConfigFromEnv(env: H2AHostedOAuthEnv): H2AHostedOAuthConfig;
+//# sourceMappingURL=config.d.ts.map

package/dist/runtime/mcp-http/oauth/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/config.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,eAAO,MAAM,sBAAsB,aAAa,CAAC;AAEjD,MAAM,WAAW,iBAAiB;IAChC,eAAe,EAAE,MAAM,CAAC;IACxB,gBAAgB,EAAE,MAAM,CAAC;IACzB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,2BAA2B,EAAE,MAAM,CAAC;IACpC,8BAA8B,EAAE,MAAM,CAAC;IACvC,+BAA+B,EAAE,MAAM,CAAC;IACxC,2BAA2B,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,oBAAoB;IACnC,SAAS,EAAE,GAAG,CAAC;IACf,aAAa,EAAE,GAAG,CAAC;IACnB,iBAAiB,EAAE,GAAG,CAAC;IACvB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,SAAS,MAAM,EAAE,CAAC;IACvC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,sBAAsB,EAAE,MAAM,CAAC;IAC/B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,CAKrD;AAED,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,iBAAiB,GAAG,oBAAoB,CAe/E"}

package/dist/runtime/mcp-http/oauth/config.js

@@ -0,0 +1,31 @@
+/**
+ * EVO-12 hosted OAuth — runtime config (ported from mcp-wave; decoupled from
+ * the Wave env type — takes a plain input object so it is unit-testable).
+ *
+ * Scope is read-only (`h2a:read`) — the hosted surface exposes only read tools
+ * (DEC-116 key custody; see ../readonly-allowlist).
+ */
+export const H2A_HOSTED_OAUTH_SCOPE = "h2a:read";
+export function parseOAuthCsv(value) {
+    return value
+        .split(",")
+        .map((item) => item.trim())
+        .filter((item) => item.length > 0);
+}
+export function oauthConfigFromEnv(env) {
+    const publicBaseUrl = new URL(env.PUBLIC_BASE_URL);
+    const issuerUrl = new URL(env.OAUTH_ISSUER_URL);
+    return {
+        issuerUrl,
+        publicBaseUrl,
+        resourceServerUrl: new URL("/mcp", publicBaseUrl),
+        resourceMetadataUrl: new URL("/.well-known/oauth-protected-resource/mcp", publicBaseUrl).href,
+        consentSecret: env.OAUTH_CONSENT_SECRET ?? "local-dev-consent",
+        allowedRedirectUris: parseOAuthCsv(env.OAUTH_ALLOWED_REDIRECT_URIS),
+        accessTokenTtlSeconds: env.OAUTH_ACCESS_TOKEN_TTL_SECONDS,
+        refreshTokenTtlSeconds: env.OAUTH_REFRESH_TOKEN_TTL_SECONDS,
+        authCodeTtlSeconds: env.OAUTH_AUTH_CODE_TTL_SECONDS,
+        nodeEnv: env.NODE_ENV ?? "development"
+    };
+}
+//# sourceMappingURL=config.js.map

package/dist/runtime/mcp-http/oauth/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/config.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,MAAM,CAAC,MAAM,sBAAsB,GAAG,UAAU,CAAC;AA0BjD,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,OAAO,KAAK;SACT,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;SAC1B,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,GAAsB;IACvD,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAChD,OAAO;QACL,SAAS;QACT,aAAa;QACb,iBAAiB,EAAE,IAAI,GAAG,CAAC,MAAM,EAAE,aAAa,CAAC;QACjD,mBAAmB,EAAE,IAAI,GAAG,CAAC,2CAA2C,EAAE,aAAa,CAAC,CAAC,IAAI;QAC7F,aAAa,EAAE,GAAG,CAAC,oBAAoB,IAAI,mBAAmB;QAC9D,mBAAmB,EAAE,aAAa,CAAC,GAAG,CAAC,2BAA2B,CAAC;QACnE,qBAAqB,EAAE,GAAG,CAAC,8BAA8B;QACzD,sBAAsB,EAAE,GAAG,CAAC,+BAA+B;QAC3D,kBAAkB,EAAE,GAAG,CAAC,2BAA2B;QACnD,OAAO,EAAE,GAAG,CAAC,QAAQ,IAAI,aAAa;KACvC,CAAC;AACJ,CAAC"}

package/dist/runtime/mcp-http/oauth/crypto.d.ts

@@ -0,0 +1,5 @@
+export declare function randomToken(byteLength?: number): string;
+export declare function sha256Hex(value: string): string;
+export declare function tokenHashPrefix(tokenHash: string): string;
+export declare function timingSafeEqualString(a: string, b: string): boolean;
+//# sourceMappingURL=crypto.d.ts.map

package/dist/runtime/mcp-http/oauth/crypto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/crypto.ts"],"names":[],"mappings":"AAKA,wBAAgB,WAAW,CAAC,UAAU,SAAK,GAAG,MAAM,CAEnD;AAED,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAE/C;AAED,wBAAgB,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAEzD;AAED,wBAAgB,qBAAqB,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,OAAO,CAInE"}

package/dist/runtime/mcp-http/oauth/crypto.js

@@ -0,0 +1,19 @@
+/**
+ * EVO-12 hosted OAuth — token crypto helpers (ported from mcp-wave, generic).
+ */
+import { createHash, randomBytes, timingSafeEqual } from "node:crypto";
+export function randomToken(byteLength = 32) {
+    return randomBytes(byteLength).toString("base64url");
+}
+export function sha256Hex(value) {
+    return createHash("sha256").update(value).digest("hex");
+}
+export function tokenHashPrefix(tokenHash) {
+    return tokenHash.slice(0, 12);
+}
+export function timingSafeEqualString(a, b) {
+    const left = Buffer.from(sha256Hex(a), "hex");
+    const right = Buffer.from(sha256Hex(b), "hex");
+    return timingSafeEqual(left, right);
+}
+//# sourceMappingURL=crypto.js.map

package/dist/runtime/mcp-http/oauth/crypto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/crypto.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEvE,MAAM,UAAU,WAAW,CAAC,UAAU,GAAG,EAAE;IACzC,OAAO,WAAW,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AACvD,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,KAAa;IACrC,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAC1D,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,SAAiB;IAC/C,OAAO,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAChC,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,CAAS,EAAE,CAAS;IACxD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAC9C,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAC/C,OAAO,eAAe,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;AACtC,CAAC"}

package/dist/runtime/mcp-http/oauth/file-store.d.ts

@@ -0,0 +1,40 @@
+import type { OAuthRegisteredClientsStore } from "@modelcontextprotocol/sdk/server/auth/clients.js";
+import type { OAuthClientInformationFull } from "@modelcontextprotocol/sdk/shared/auth.js";
+export interface StoredAuthorizationCode {
+    codeHash: string;
+    clientId: string;
+    redirectUri: string;
+    codeChallenge: string;
+    scopes: string[];
+    resource: string;
+    createdAt: number;
+    expiresAt: number;
+    consumedAt?: number;
+}
+export interface StoredToken {
+    tokenHash: string;
+    tokenType: "access" | "refresh";
+    clientId: string;
+    scopes: string[];
+    resource: string;
+    issuedAt: number;
+    expiresAt: number;
+    revokedAt?: number;
+    parentRefreshTokenHash?: string;
+}
+export declare class FileOAuthStore implements OAuthRegisteredClientsStore {
+    readonly path: string;
+    private snapshot;
+    constructor(path: string);
+    load(): Promise<void>;
+    getClient(clientId: string): Promise<OAuthClientInformationFull | undefined>;
+    registerClient(client: OAuthClientInformationFull): Promise<OAuthClientInformationFull>;
+    putAuthorizationCode(code: string, record: Omit<StoredAuthorizationCode, "codeHash" | "consumedAt">): Promise<void>;
+    getAuthorizationCode(code: string, nowSeconds: number): Promise<StoredAuthorizationCode | undefined>;
+    consumeAuthorizationCode(code: string, nowSeconds: number): Promise<StoredAuthorizationCode | undefined>;
+    putToken(token: string, record: Omit<StoredToken, "tokenHash" | "revokedAt">): Promise<StoredToken>;
+    findToken(token: string): Promise<StoredToken | undefined>;
+    revokeToken(token: string, nowSeconds: number): Promise<void>;
+    private persist;
+}
+//# sourceMappingURL=file-store.d.ts.map

package/dist/runtime/mcp-http/oauth/file-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"file-store.d.ts","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/file-store.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,2BAA2B,EAAE,MAAM,kDAAkD,CAAC;AACpG,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAC;AAI3F,MAAM,WAAW,uBAAuB;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,QAAQ,GAAG,SAAS,CAAC;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sBAAsB,CAAC,EAAE,MAAM,CAAC;CACjC;AASD,qBAAa,cAAe,YAAW,2BAA2B;IAGpD,QAAQ,CAAC,IAAI,EAAE,MAAM;IAFjC,OAAO,CAAC,QAAQ,CAA6E;gBAExE,IAAI,EAAE,MAAM;IAE3B,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAkBrB,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,0BAA0B,GAAG,SAAS,CAAC;IAI5E,cAAc,CAAC,MAAM,EAAE,0BAA0B,GAAG,OAAO,CAAC,0BAA0B,CAAC;IAMvF,oBAAoB,CACxB,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,IAAI,CAAC,uBAAuB,EAAE,UAAU,GAAG,YAAY,CAAC,GAC/D,OAAO,CAAC,IAAI,CAAC;IAMV,oBAAoB,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,uBAAuB,GAAG,SAAS,CAAC;IAMpG,wBAAwB,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,uBAAuB,GAAG,SAAS,CAAC;IASxG,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,WAAW,EAAE,WAAW,GAAG,WAAW,CAAC,GAAG,OAAO,CAAC,WAAW,CAAC;IAQnG,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;IAI1D,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;YAQrD,OAAO;CAmBtB"}

package/dist/runtime/mcp-http/oauth/file-store.js

@@ -0,0 +1,101 @@
+/**
+ * EVO-12 hosted OAuth — file-backed store for DCR clients, auth codes, tokens
+ * (ported from mcp-wave; generic, atomic-persist). Holds only OAuth artifacts
+ * (hashed codes/tokens) — never an h2a ed25519 private key.
+ */
+import { mkdir, open, readFile, rename, writeFile } from "node:fs/promises";
+import { dirname } from "node:path";
+import { sha256Hex } from "./crypto.js";
+export class FileOAuthStore {
+    path;
+    snapshot = { version: 1, clients: {}, authorizationCodes: {}, tokens: {} };
+    constructor(path) {
+        this.path = path;
+    }
+    async load() {
+        try {
+            const parsed = JSON.parse(await readFile(this.path, "utf8"));
+            this.snapshot = {
+                version: 1,
+                clients: parsed.clients ?? {},
+                authorizationCodes: parsed.authorizationCodes ?? {},
+                tokens: parsed.tokens ?? {}
+            };
+        }
+        catch (error) {
+            if (error instanceof Error && "code" in error && error.code === "ENOENT") {
+                await this.persist();
+                return;
+            }
+            throw error;
+        }
+    }
+    async getClient(clientId) {
+        return this.snapshot.clients[clientId];
+    }
+    async registerClient(client) {
+        this.snapshot.clients[client.client_id] = client;
+        await this.persist();
+        return client;
+    }
+    async putAuthorizationCode(code, record) {
+        const codeHash = sha256Hex(code);
+        this.snapshot.authorizationCodes[codeHash] = { ...record, codeHash };
+        await this.persist();
+    }
+    async getAuthorizationCode(code, nowSeconds) {
+        const record = this.snapshot.authorizationCodes[sha256Hex(code)];
+        if (!record || record.consumedAt || record.expiresAt <= nowSeconds)
+            return undefined;
+        return record;
+    }
+    async consumeAuthorizationCode(code, nowSeconds) {
+        const codeHash = sha256Hex(code);
+        const record = this.snapshot.authorizationCodes[codeHash];
+        if (!record || record.consumedAt || record.expiresAt <= nowSeconds)
+            return undefined;
+        record.consumedAt = nowSeconds;
+        await this.persist();
+        return record;
+    }
+    async putToken(token, record) {
+        const tokenHash = sha256Hex(token);
+        const stored = { ...record, tokenHash };
+        this.snapshot.tokens[tokenHash] = stored;
+        await this.persist();
+        return stored;
+    }
+    async findToken(token) {
+        return this.snapshot.tokens[sha256Hex(token)];
+    }
+    async revokeToken(token, nowSeconds) {
+        const record = this.snapshot.tokens[sha256Hex(token)];
+        if (record && record.revokedAt === undefined) {
+            record.revokedAt = nowSeconds;
+            await this.persist();
+        }
+    }
+    async persist() {
+        await mkdir(dirname(this.path), { recursive: true });
+        const body = `${JSON.stringify(this.snapshot, null, 2)}\n`;
+        const tempPath = `${this.path}.${process.pid}.${Date.now()}.tmp`;
+        await writeFile(tempPath, body, { mode: 0o600 });
+        const handle = await open(tempPath, "r");
+        try {
+            await handle.sync();
+        }
+        catch (error) {
+            // Windows rejects fsync on some handles with EPERM, and exotic FUSE/CI
+            // filesystems return ENOSYS. The durability hint is best-effort; the
+            // rename below still provides atomic replace on every platform.
+            const code = error.code;
+            if (code !== "EPERM" && code !== "ENOSYS")
+                throw error;
+        }
+        finally {
+            await handle.close();
+        }
+        await rename(tempPath, this.path);
+    }
+}
+//# sourceMappingURL=file-store.js.map

package/dist/runtime/mcp-http/oauth/file-store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"file-store.js","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/file-store.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC5E,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAIpC,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAiCxC,MAAM,OAAO,cAAc;IAGJ;IAFb,QAAQ,GAAa,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,kBAAkB,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;IAE7F,YAAqB,IAAY;QAAZ,SAAI,GAAJ,IAAI,CAAQ;IAAG,CAAC;IAErC,KAAK,CAAC,IAAI;QACR,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAa,CAAC;YACzE,IAAI,CAAC,QAAQ,GAAG;gBACd,OAAO,EAAE,CAAC;gBACV,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,EAAE;gBAC7B,kBAAkB,EAAE,MAAM,CAAC,kBAAkB,IAAI,EAAE;gBACnD,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE;aAC5B,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,KAAK,IAAI,MAAM,IAAI,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACzE,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;gBACrB,OAAO;YACT,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,QAAgB;QAC9B,OAAO,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,MAAkC;QACrD,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,MAAM,CAAC;QACjD,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,oBAAoB,CACxB,IAAY,EACZ,MAAgE;QAEhE,MAAM,QAAQ,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;QACjC,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,MAAM,EAAE,QAAQ,EAAE,CAAC;QACrE,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,IAAY,EAAE,UAAkB;QACzD,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;QACjE,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,SAAS,IAAI,UAAU;YAAE,OAAO,SAAS,CAAC;QACrF,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,IAAY,EAAE,UAAkB;QAC7D,MAAM,QAAQ,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;QACjC,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QAC1D,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,SAAS,IAAI,UAAU;YAAE,OAAO,SAAS,CAAC;QACrF,MAAM,CAAC,UAAU,GAAG,UAAU,CAAC;QAC/B,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,KAAa,EAAE,MAAoD;QAChF,MAAM,SAAS,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QACnC,MAAM,MAAM,GAAG,EAAE,GAAG,MAAM,EAAE,SAAS,EAAE,CAAC;QACxC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,MAAM,CAAC;QACzC,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,KAAa;QAC3B,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAAa,EAAE,UAAkB;QACjD,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;QACtD,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;YAC7C,MAAM,CAAC,SAAS,GAAG,UAAU,CAAC;YAC9B,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACvB,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,OAAO;QACnB,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC;QAC3D,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC;QACjE,MAAM,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACjD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;QACtB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uEAAuE;YACvE,qEAAqE;YACrE,gEAAgE;YAChE,MAAM,IAAI,GAAI,KAA+B,CAAC,IAAI,CAAC;YACnD,IAAI,IAAI,KAAK,OAAO,IAAI,IAAI,KAAK,QAAQ;gBAAE,MAAM,KAAK,CAAC;QACzD,CAAC;gBAAS,CAAC;YACT,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;QACvB,CAAC;QACD,MAAM,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;IACpC,CAAC;CACF"}

package/dist/runtime/mcp-http/oauth/hono-oauth-router.d.ts

@@ -0,0 +1,5 @@
+import { Hono } from "hono";
+import { type H2AHostedOAuthConfig } from "./config.js";
+import type { SingleTenantOAuthProvider } from "./single-tenant-provider.js";
+export declare function buildOAuthRoutes(provider: SingleTenantOAuthProvider, oauth: H2AHostedOAuthConfig): Hono;
+//# sourceMappingURL=hono-oauth-router.d.ts.map

package/dist/runtime/mcp-http/oauth/hono-oauth-router.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hono-oauth-router.d.ts","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/hono-oauth-router.ts"],"names":[],"mappings":"AAoBA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAyC,KAAK,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAC/F,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AAE7E,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,yBAAyB,EAAE,KAAK,EAAE,oBAAoB,GAAG,IAAI,CAsFvG"}

package/dist/runtime/mcp-http/oauth/hono-oauth-router.js

@@ -0,0 +1,83 @@
+/**
+ * EVO-12 hosted OAuth — authorization-server + protected-resource routes
+ * (ported from mcp-wave). Standard endpoints (DCR, token+PKCE, revoke,
+ * well-known metadata) come from `@hono/mcp/auth`; only `/authorize` is custom
+ * (operator consent secret gate, single-tenant). resourceName = "h2a".
+ */
+import { authenticateClient, clientRegistrationHandler, createOAuthMetadata, revokeHandler, tokenHandler, wellKnownRouter } from "@hono/mcp/auth";
+import { OAuthError, ServerError } from "@modelcontextprotocol/sdk/server/auth/errors.js";
+import { Hono } from "hono";
+import { H2A_HOSTED_OAUTH_SCOPE as OAUTH_SCOPE } from "./config.js";
+export function buildOAuthRoutes(provider, oauth) {
+    const sdkProvider = provider;
+    const clientsStore = provider.clientsStore;
+    const router = new Hono();
+    // RFC 8414: issuer identifier must equal the metadata-URL value (no trailing
+    // slash) — a URL object would normalize to a trailing slash that claude.ai rejects.
+    const issuer = oauth.issuerUrl.href.replace(/\/+$/, "");
+    const oauthMetadata = createOAuthMetadata({
+        provider: sdkProvider,
+        issuerUrl: issuer,
+        baseUrl: oauth.publicBaseUrl,
+        scopesSupported: [OAUTH_SCOPE]
+    });
+    router.route("/", wellKnownRouter({
+        oauthMetadata,
+        resourceServerUrl: oauth.resourceServerUrl,
+        scopesSupported: [OAUTH_SCOPE],
+        resourceName: "h2a"
+    }));
+    // Also serve PRM at the unsuffixed path (the bearerAuth 401 advertises it there).
+    router.get("/.well-known/oauth-protected-resource", (c) => c.json({
+        resource: oauth.resourceServerUrl.href,
+        authorization_servers: [issuer],
+        bearer_methods_supported: ["header"],
+        scopes_supported: [OAUTH_SCOPE],
+        resource_name: "h2a"
+    }));
+    router.post("/register", clientRegistrationHandler({ clientsStore }));
+    router.post("/token", authenticateClient({ clientsStore }), tokenHandler(sdkProvider));
+    router.post("/revoke", authenticateClient({ clientsStore }), revokeHandler(sdkProvider));
+    router.on(["GET", "POST"], "/authorize", async (c) => {
+        c.header("Cache-Control", "no-store");
+        const raw = c.req.method === "POST"
+            ? (await c.req.parseBody())
+            : c.req.query();
+        const clientId = raw["client_id"];
+        if (!clientId) {
+            return c.json({ error: "invalid_request", error_description: "missing client_id" }, 400);
+        }
+        const client = await provider.clientsStore.getClient(clientId);
+        if (!client) {
+            return c.json({ error: "invalid_client", error_description: "unknown client_id" }, 400);
+        }
+        const redirectUri = raw["redirect_uri"] ?? client.redirect_uris[0] ?? "";
+        const scopeRaw = raw["scope"];
+        const stateRaw = raw["state"];
+        const resourceRaw = raw["resource"];
+        const params = {
+            redirectUri,
+            codeChallenge: raw["code_challenge"] ?? "",
+            ...(scopeRaw !== undefined && { scopes: scopeRaw.split(" ") }),
+            ...(stateRaw !== undefined && { state: stateRaw }),
+            ...(resourceRaw !== undefined && { resource: new URL(resourceRaw) })
+        };
+        try {
+            const consentSecret = raw["consent_secret"];
+            const outcome = await provider.authorizeRequest(client, params, {
+                method: c.req.method,
+                ...(consentSecret !== undefined && { consentSecret })
+            });
+            if (outcome.kind === "consent") {
+                return c.html(outcome.html, outcome.status);
+            }
+            return c.redirect(outcome.location, 302);
+        }
+        catch (e) {
+            const err = e instanceof OAuthError ? e : new ServerError("Internal Server Error");
+            return c.json(err.toResponseObject(), err instanceof ServerError ? 500 : 400);
+        }
+    });
+    return router;
+}
+//# sourceMappingURL=hono-oauth-router.js.map

package/dist/runtime/mcp-http/oauth/hono-oauth-router.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hono-oauth-router.js","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/hono-oauth-router.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EACL,kBAAkB,EAClB,yBAAyB,EACzB,mBAAmB,EACnB,aAAa,EACb,YAAY,EACZ,eAAe,EAChB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,iDAAiD,CAAC;AAK1F,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,sBAAsB,IAAI,WAAW,EAA6B,MAAM,aAAa,CAAC;AAG/F,MAAM,UAAU,gBAAgB,CAAC,QAAmC,EAAE,KAA2B;IAC/F,MAAM,WAAW,GAAG,QAA0C,CAAC;IAC/D,MAAM,YAAY,GAAG,QAAQ,CAAC,YAAsD,CAAC;IACrF,MAAM,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;IAE1B,6EAA6E;IAC7E,oFAAoF;IACpF,MAAM,MAAM,GAAG,KAAK,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAExD,MAAM,aAAa,GAAG,mBAAmB,CAAC;QACxC,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,MAAM;QACjB,OAAO,EAAE,KAAK,CAAC,aAAa;QAC5B,eAAe,EAAE,CAAC,WAAW,CAAC;KAC/B,CAAC,CAAC;IAEH,MAAM,CAAC,KAAK,CACV,GAAG,EACH,eAAe,CAAC;QACd,aAAa;QACb,iBAAiB,EAAE,KAAK,CAAC,iBAAiB;QAC1C,eAAe,EAAE,CAAC,WAAW,CAAC;QAC9B,YAAY,EAAE,KAAK;KACpB,CAAC,CACH,CAAC;IAEF,kFAAkF;IAClF,MAAM,CAAC,GAAG,CAAC,uCAAuC,EAAE,CAAC,CAAC,EAAE,EAAE,CACxD,CAAC,CAAC,IAAI,CAAC;QACL,QAAQ,EAAE,KAAK,CAAC,iBAAiB,CAAC,IAAI;QACtC,qBAAqB,EAAE,CAAC,MAAM,CAAC;QAC/B,wBAAwB,EAAE,CAAC,QAAQ,CAAC;QACpC,gBAAgB,EAAE,CAAC,WAAW,CAAC;QAC/B,aAAa,EAAE,KAAK;KACrB,CAAC,CACH,CAAC;IAEF,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,yBAAyB,CAAC,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC;IACtE,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,kBAAkB,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,YAAY,CAAC,WAAW,CAAC,CAAC,CAAC;IACvF,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,kBAAkB,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,aAAa,CAAC,WAAW,CAAC,CAAC,CAAC;IAEzF,MAAM,CAAC,EAAE,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACnD,CAAC,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QACtC,MAAM,GAAG,GACP,CAAC,CAAC,GAAG,CAAC,MAAM,KAAK,MAAM;YACrB,CAAC,CAAE,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE,CAA4B;YACvD,CAAC,CAAE,CAAC,CAAC,GAAG,CAAC,KAAK,EAA6B,CAAC;QAEhD,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,CAAC,CAAC;QAClC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,EAAE,GAAG,CAAC,CAAC;QAC3F,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC/D,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,EAAE,GAAG,CAAC,CAAC;QAC1F,CAAC;QAED,MAAM,WAAW,GAAG,GAAG,CAAC,cAAc,CAAC,IAAI,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzE,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC;QAC9B,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC;QAC9B,MAAM,WAAW,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;QACpC,MAAM,MAAM,GAAwB;YAClC,WAAW;YACX,aAAa,EAAE,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE;YAC1C,GAAG,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9D,GAAG,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;YAClD,GAAG,CAAC,WAAW,KAAK,SAAS,IAAI,EAAE,QAAQ,EAAE,IAAI,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;SACrE,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,GAAG,CAAC,gBAAgB,CAAC,CAAC;YAC5C,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE;gBAC9D,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM;gBACpB,GAAG,CAAC,aAAa,KAAK,SAAS,IAAI,EAAE,aAAa,EAAE,CAAC;aACtD,CAAC,CAAC;YACH,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBAC/B,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;YAC9C,CAAC;YACD,OAAO,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,CAAC,YAAY,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;YACnF,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,gBAAgB,EAAE,EAAE,GAAG,YAAY,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChF,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/runtime/mcp-http/oauth/redirect-uri.d.ts

@@ -0,0 +1,11 @@
+/**
+ * EVO-12 hosted OAuth — redirect-uri allow checks (ported from mcp-wave;
+ * decoupled from the Wave env type — takes a plain nodeEnv string).
+ *
+ * claude.ai's connector uses fixed redirect URIs
+ * (https://claude.ai|claude.com/api/mcp/auth_callback) — those must be in
+ * `allowedRedirectUris`. Loopback is allowed only outside production (local dev).
+ */
+export declare function redirectUriAllowed(redirectUri: string, allowedRedirectUris: readonly string[], nodeEnv: string): boolean;
+export declare function allRedirectUrisAllowed(redirectUris: readonly string[], allowedRedirectUris: readonly string[], nodeEnv: string): boolean;
+//# sourceMappingURL=redirect-uri.d.ts.map

package/dist/runtime/mcp-http/oauth/redirect-uri.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"redirect-uri.d.ts","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/redirect-uri.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,wBAAgB,kBAAkB,CAChC,WAAW,EAAE,MAAM,EACnB,mBAAmB,EAAE,SAAS,MAAM,EAAE,EACtC,OAAO,EAAE,MAAM,GACd,OAAO,CAiBT;AAED,wBAAgB,sBAAsB,CACpC,YAAY,EAAE,SAAS,MAAM,EAAE,EAC/B,mBAAmB,EAAE,SAAS,MAAM,EAAE,EACtC,OAAO,EAAE,MAAM,GACd,OAAO,CAET"}

package/dist/runtime/mcp-http/oauth/redirect-uri.js

@@ -0,0 +1,29 @@
+/**
+ * EVO-12 hosted OAuth — redirect-uri allow checks (ported from mcp-wave;
+ * decoupled from the Wave env type — takes a plain nodeEnv string).
+ *
+ * claude.ai's connector uses fixed redirect URIs
+ * (https://claude.ai|claude.com/api/mcp/auth_callback) — those must be in
+ * `allowedRedirectUris`. Loopback is allowed only outside production (local dev).
+ */
+const LOOPBACK_HOSTS = new Set(["localhost", "127.0.0.1", "::1"]);
+export function redirectUriAllowed(redirectUri, allowedRedirectUris, nodeEnv) {
+    let parsed;
+    try {
+        parsed = new URL(redirectUri);
+    }
+    catch {
+        return false;
+    }
+    if (allowedRedirectUris.includes(parsed.href)) {
+        return true;
+    }
+    if (nodeEnv !== "production" && LOOPBACK_HOSTS.has(parsed.hostname)) {
+        return parsed.protocol === "http:" || parsed.protocol === "https:";
+    }
+    return false;
+}
+export function allRedirectUrisAllowed(redirectUris, allowedRedirectUris, nodeEnv) {
+    return redirectUris.every((uri) => redirectUriAllowed(uri, allowedRedirectUris, nodeEnv));
+}
+//# sourceMappingURL=redirect-uri.js.map

package/dist/runtime/mcp-http/oauth/redirect-uri.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"redirect-uri.js","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/redirect-uri.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;AAElE,MAAM,UAAU,kBAAkB,CAChC,WAAmB,EACnB,mBAAsC,EACtC,OAAe;IAEf,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,mBAAmB,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,OAAO,KAAK,YAAY,IAAI,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpE,OAAO,MAAM,CAAC,QAAQ,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC;IACrE,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,sBAAsB,CACpC,YAA+B,EAC/B,mBAAsC,EACtC,OAAe;IAEf,OAAO,YAAY,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,mBAAmB,EAAE,OAAO,CAAC,CAAC,CAAC;AAC5F,CAAC"}

package/dist/runtime/mcp-http/oauth/single-tenant-provider.d.ts

@@ -0,0 +1,68 @@
+/**
+ * EVO-12 hosted OAuth — single-tenant authorization server (ported from
+ * mcp-wave). Implements the MCP SDK OAuthServerProvider surface: DCR client
+ * registration (redirect-uri allowlisted), operator-consent authorize,
+ * auth-code + PKCE exchange, refresh, access-token verify/revoke. Scope is
+ * read-only `h2a:read`. The OAuth tokens grant access to the read-only MCP tool
+ * surface only — never to any signing tool / private key (DEC-116). The
+ * client never receives an h2a private key.
+ */
+import type { OAuthRegisteredClientsStore } from "@modelcontextprotocol/sdk/server/auth/clients.js";
+import type { AuthorizationParams } from "@modelcontextprotocol/sdk/server/auth/provider.js";
+import type { AuthInfo } from "@modelcontextprotocol/sdk/server/auth/types.js";
+import type { OAuthClientInformationFull, OAuthTokenRevocationRequest, OAuthTokens } from "@modelcontextprotocol/sdk/shared/auth.js";
+import type { FileOAuthStore } from "./file-store.js";
+export type AuthorizeOutcome = {
+    kind: "consent";
+    status: 200 | 401;
+    html: string;
+} | {
+    kind: "redirect";
+    location: string;
+};
+interface ProviderOptions {
+    store: FileOAuthStore;
+    nodeEnv: string;
+    issuerUrl: URL;
+    publicBaseUrl: URL;
+    resourceServerUrl: URL;
+    consentSecret: string;
+    allowedRedirectUris: readonly string[];
+    authCodeTtlSeconds: number;
+    accessTokenTtlSeconds: number;
+    refreshTokenTtlSeconds: number;
+    nowSeconds?: () => number;
+}
+interface IssueCodeParams {
+    redirectUri: string;
+    codeChallenge: string;
+    scopes: string[];
+    resource?: URL;
+    state?: string;
+}
+type WideClientsStore = Omit<OAuthRegisteredClientsStore, "registerClient"> & {
+    registerClient?(client: OAuthClientInformationFull): OAuthClientInformationFull | Promise<OAuthClientInformationFull>;
+};
+export declare class SingleTenantOAuthProvider {
+    private readonly opts;
+    readonly clientsStore: WideClientsStore;
+    constructor(opts: ProviderOptions);
+    private nowSeconds;
+    authorizeRequest(client: OAuthClientInformationFull, params: AuthorizationParams, input: {
+        method: string;
+        consentSecret?: string;
+    }): Promise<AuthorizeOutcome>;
+    issueAuthorizationCode(client: OAuthClientInformationFull, params: IssueCodeParams): Promise<string>;
+    private renderConsentForm;
+    challengeForAuthorizationCode(_client: OAuthClientInformationFull, authorizationCode: string): Promise<string>;
+    exchangeAuthorizationCode(client: OAuthClientInformationFull, authorizationCode: string, _codeVerifier?: string, redirectUri?: string, resource?: URL): Promise<OAuthTokens>;
+    exchangeRefreshToken(client: OAuthClientInformationFull, refreshToken: string, scopes?: string[], resource?: URL): Promise<OAuthTokens>;
+    verifyAccessToken(token: string): Promise<AuthInfo>;
+    revokeToken(_client: OAuthClientInformationFull, request: OAuthTokenRevocationRequest): Promise<void>;
+    issueTokensForTests(client: OAuthClientInformationFull): Promise<OAuthTokens>;
+    private issueTokens;
+    private normalizeScopes;
+    private normalizeResource;
+}
+export {};
+//# sourceMappingURL=single-tenant-provider.d.ts.map

package/dist/runtime/mcp-http/oauth/single-tenant-provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"single-tenant-provider.d.ts","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/single-tenant-provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,OAAO,KAAK,EAAE,2BAA2B,EAAE,MAAM,kDAAkD,CAAC;AAQpG,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,mDAAmD,CAAC;AAC7F,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gDAAgD,CAAC;AAC/E,OAAO,KAAK,EACV,0BAA0B,EAC1B,2BAA2B,EAC3B,WAAW,EACZ,MAAM,0CAA0C,CAAC;AAIlD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAGtD,MAAM,MAAM,gBAAgB,GACxB;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GACpD;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,CAAC;AAE3C,UAAU,eAAe;IACvB,KAAK,EAAE,cAAc,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,GAAG,CAAC;IACf,aAAa,EAAE,GAAG,CAAC;IACnB,iBAAiB,EAAE,GAAG,CAAC;IACvB,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,SAAS,MAAM,EAAE,CAAC;IACvC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,qBAAqB,EAAE,MAAM,CAAC;IAC9B,sBAAsB,EAAE,MAAM,CAAC;IAC/B,UAAU,CAAC,EAAE,MAAM,MAAM,CAAC;CAC3B;AAED,UAAU,eAAe;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,QAAQ,CAAC,EAAE,GAAG,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,KAAK,gBAAgB,GAAG,IAAI,CAAC,2BAA2B,EAAE,gBAAgB,CAAC,GAAG;IAC5E,cAAc,CAAC,CACb,MAAM,EAAE,0BAA0B,GACjC,0BAA0B,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;CACrE,CAAC;AAEF,qBAAa,yBAAyB;IAGxB,OAAO,CAAC,QAAQ,CAAC,IAAI;IAFjC,QAAQ,CAAC,YAAY,EAAE,gBAAgB,CAAC;gBAEX,IAAI,EAAE,eAAe;IAmBlD,OAAO,CAAC,UAAU;IAIZ,gBAAgB,CACpB,MAAM,EAAE,0BAA0B,EAClC,MAAM,EAAE,mBAAmB,EAC3B,KAAK,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,aAAa,CAAC,EAAE,MAAM,CAAA;KAAE,GAChD,OAAO,CAAC,gBAAgB,CAAC;IAoBtB,sBAAsB,CAAC,MAAM,EAAE,0BAA0B,EAAE,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC;IAiB1G,OAAO,CAAC,iBAAiB;IAiEnB,6BAA6B,CACjC,OAAO,EAAE,0BAA0B,EACnC,iBAAiB,EAAE,MAAM,GACxB,OAAO,CAAC,MAAM,CAAC;IAMZ,yBAAyB,CAC7B,MAAM,EAAE,0BAA0B,EAClC,iBAAiB,EAAE,MAAM,EACzB,aAAa,CAAC,EAAE,MAAM,EACtB,WAAW,CAAC,EAAE,MAAM,EACpB,QAAQ,CAAC,EAAE,GAAG,GACb,OAAO,CAAC,WAAW,CAAC;IAYjB,oBAAoB,CACxB,MAAM,EAAE,0BAA0B,EAClC,YAAY,EAAE,MAAM,EACpB,MAAM,CAAC,EAAE,MAAM,EAAE,EACjB,QAAQ,CAAC,EAAE,GAAG,GACb,OAAO,CAAC,WAAW,CAAC;IAkBjB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IAgBnD,WAAW,CAAC,OAAO,EAAE,0BAA0B,EAAE,OAAO,EAAE,2BAA2B,GAAG,OAAO,CAAC,IAAI,CAAC;IAIrG,mBAAmB,CAAC,MAAM,EAAE,0BAA0B,GAAG,OAAO,CAAC,WAAW,CAAC;YAIrE,WAAW;IAoCzB,OAAO,CAAC,eAAe;IAQvB,OAAO,CAAC,iBAAiB;CAQ1B"}